passing looks like this. One server might be google's; one might be ISP's.

(pause) they find answer, looks like this. router gets that and...

fwds that to you, so you can make the request; I'll fmt into URL

http://74.125.239.37

You could visit this in a browser; usually wouldn't yourself; no surprise but yay!

If you want you can ask

$ host google.com

google.com has address 74.125.239.37

Transition back to Karen: Real websites have public IP addresses, but your computer almost certainly doesn't. And yet your computer can still communicate with the rest of the internet. It's able to do so because of a trick your router does called

Network Address Translation(NAT)

your router does this

router stands between machines on your local network and the rest of the internet

router has to keep track of whose traffic is whose

send a packet to a website somewhere. TCP connection, so a random unused port is part of the from address. (so you can connect to more than one website at a time!)

rewrites packet with router's public IP address and the port number it assigned you

...and sends it along

get response back from website, addressed to router's public IP address

look at nat table for where to send packet based on port number

find your private IP address, rewrite packet and send it back to you

good: multiple devices can share one public address

bad: makes it hard for people outside your network to reach you

Still want to share outside the local network

Need to get around this

SSH tunneling

SSH does lots of things,

Remote port forwarding using SSH

but this is what we're doing with it

Get access to a computer with a public IP address

University server account

Linode

Amazon EC2

A friend with a server

step one

connect to remote machine via ssh. this works just like any other internet connection, even w. NAT

your laptop connects whatever port it uses for the TCP connection for the ssh session to your application/simplehttpserver/whatever port. remote machine connects port 22 traffic with a different available port.

link people to the remote machine's IP address (or domain name, if it has one) on the chosen port.

$ ssh -g -R 9999:localhost:8000 myfriendsserver.net

the incantation that does all this

$ ssh -g -R 9999:localhost:8000 myfriendsserver.net

means "do forwarding of traffic"

$ ssh -g -R 9999:localhost:8000 myfriendsserver.net

"gateway ports" -- use all interfaces, not just local loopback

$ ssh -g -R 9999:localhost:8000 myfriendsserver.net

the port where your stuff will be accessible on the remote machine

$ ssh -g -R 9999:localhost:8000 myfriendsserver.net

what interface/port you want to connect on your machine

$ ssh -g -R 9999:localhost:8000 myfriendsserver.net

IP address or domain name for the remote machine

http://myfriendsserver.net:9999

success! all you need is money to pay for a remote server, or a friend who's willing to give you ssh access.

if you have no friends, money, or SSH access, life can be ok

free online svcs

ngrok & pagekite

mission help you debug your applications

both are open source, let you borrow subdomain, connect to it w/ client